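/// <summary>
/// Validates the submitted credentials and, on success, issues the
/// authentication cookie and redirects to the dashboard.
/// </summary>
/// <param name="loginViewModel">The posted login form (user name and password).</param>
/// <returns>
/// The login view with a model error when validation or authentication fails;
/// otherwise a redirect to <c>Dashboard/Index</c>.
/// </returns>
/// <remarks>
/// NOTE(review): no attempt throttling or account lockout is visible in this
/// action; confirm it is enforced elsewhere (service layer or middleware).
/// NOTE(review): any action attributes (HTTP verb, anti-forgery validation)
/// are not visible from here; confirm they are applied.
/// </remarks>
public async Task<IActionResult> Login(LoginViewModel loginViewModel)
{
    // One message for both "unknown user" and "wrong password", so the
    // response text does not reveal which user names exist.
    const string InvalidCredentialsMessage = "User name or password is not valid.";

    if (!ModelState.IsValid)
    {
        return View(loginViewModel);
    }

    // NOTE(review): the original comment here mentioned redirecting to a
    // change-password page when the password is null; that flow is not
    // implemented in this action.
    var account = await _authenService.SignInAsync(loginViewModel.UserName);
    if (account == null)
    {
        // NOTE(review): this early return skips password verification, so the
        // response time may still differ between unknown and known user names.
        // Consider verifying against a dummy hash; confirm against the
        // _authenService implementation.
        ModelState.AddModelError("Error", InvalidCredentialsMessage);
        return View(loginViewModel);
    }

    // Check the supplied password against the stored hash and salt.
    var isCorrect = _authenService.VerifyPassword(
        loginViewModel.Password,
        account.PasswordHash,
        account.PasswordSalt);
    if (isCorrect == false)
    {
        ModelState.AddModelError("Error", InvalidCredentialsMessage);
        return View(loginViewModel);
    }

    // An account without a role is not signed in.
    var roleName = await _authenService.GetRoleAsync(account.AccountId);
    if (roleName == null)
    {
        ModelState.AddModelError("Error", "Authentication failed.");
        return View(loginViewModel);
    }

    // Build the identity carried by the authentication cookie.
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, account.UserName),
        // NOTE(review): "FullName" is populated with the user name, same as
        // ClaimTypes.Name; confirm whether a display name was intended.
        new Claim("FullName", account.UserName),
        new Claim(ClaimTypes.Role, roleName),
    };

    var claimsIdentity = new ClaimsIdentity(
        claims,
        CookieAuthenticationDefaults.AuthenticationScheme);

    // Session cookie (not persistent) with a fixed 20-minute lifetime;
    // AllowRefresh = false means the expiry is not extended on activity.
    var authProperties = new AuthenticationProperties
    {
        ExpiresUtc = DateTime.UtcNow.AddMinutes(20),
        IsPersistent = false,
        AllowRefresh = false
    };

    await HttpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(claimsIdentity),
        authProperties);

    return RedirectToAction("Index", "Dashboard");
}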